Snort mailing list archives

Re: snort + mysql

From: Joel Esler <joel.esler () sourcefire com>
Date: Wed, 23 Apr 2008 13:54:22 -0400

I am going to do my best to not plug Sourcefire.

Sourcefire shows you when a packet has been dropped or not.

Did I do okay?

J



Lamanary Ramos de Pina said:

   Hi all,

   I have a centos+snort+base ips set and is quite difficult to me to "see"
   the results of the drops on BASE console. I understand that a sdrop
   doesn't produce any alert but that's not what I want.

   Is there anything like BASE (free or not) that runs over snort that gives
   me a different feedback on the alerts, logs and drops namely?

   I read something about sguil and i would like to know if is possible to
   run it together with base? if yes, can you point me a good tutorial?

   Yes, I admit that I haven't googled enough on this yet, I'm just asking
   for a shotcut here.

   Thanks

-------------------------------------------------------------------------
This SF.net email is sponsored by the 2008 JavaOne(SM) Conference 
Don't miss this year's exciting event. There's still time to save $100. 
Use priority code J8TL2D2. 
http://ad.doubleclick.net/clk;198757673;13503038;p?http://java.sun.com/javaone

_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users








-----
joel esler
828A A216 6D95 A6BB B386  54F3 ACE3 B833 5F51 4902 

-------------------------------------------------------------------------
This SF.net email is sponsored by the 2008 JavaOne(SM) Conference 
Don't miss this year's exciting event. There's still time to save $100. 
Use priority code J8TL2D2. 
http://ad.doubleclick.net/clk;198757673;13503038;p?http://java.sun.com/javaone
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Current thread:

snort + mysql sahil aggrawal (Apr 22)
- Re: snort + mysql Paolo (Apr 22)
  - Re: snort + mysql sahil aggrawal (Apr 22)
    - Re: snort + mysql Paolo (Apr 22)
    - Re: snort + mysql YARICK (Apr 22)
- Re: snort + mysql Lamanary Ramos de Pina (Apr 23)
  - Re: snort + mysql Joel Esler (Apr 23)
    - Re: snort + mysql Paul Melson (Apr 23)
    - Re: snort + mysql Joel Esler (Apr 23)
    - Re: snort + mysql Paul Melson (Apr 24)
    - Re: snort + mysql JJ Cummings (Apr 23)
    - Re: snort + mysql Joel Esler (Apr 23)
    - Secure Connection - Barnyard -> DB Randal T. Rioux (May 15)
    - Barnyard / PostgreSQL / Solaris Randal T. Rioux (May 23)
    - Re: Barnyard / PostgreSQL / Solaris Todd Wease (May 24)
    - Re: Barnyard / PostgreSQL / Solaris Randal T. Rioux (May 24)
- <Possible follow-ups>
- Re: snort + mysql Azze, Jason (GPG) (Apr 23)